Ryuk ransomware is believed to be behind the disrupted printing and delivery of major newspaper publications in the United States, namely the Los Angeles Times and Tribune Publishing.
The malware attack on Tribune Publishing's software systems was discovered on 28th December 2018. The compromise of the software delayed weekend distribution of the newspaper and affected Tribune publications throughout the country.
The publications affected include:
Baltimore Sun, Capital Gazette, Chicago Tribune, Hartford Courant, Wall Street Journal, New York Times, Carroll County Times, Lake County News-Sun, the South Florida Sun Sentinel and Post-Tribune.
The Los Angeles Times and San Diego Union-Tribune, which were formerly part of Tribune Publishing, were also hit by the ransomware.
According to the publications, the print editions of the affected newspapers were published on Saturday without the obituary section and paid classified ads.
The attack is believed to have originated outside the US and to have been intended to create chaos and disable infrastructure rather than steal information. The publication further says that no subscriber personal details were compromised. The publication's websites and online editions remained unaffected.
Ryuk ransomware is a descendant of the Hermes ransomware family that debuted in August 2018. The critical nature of the ransomware, the high ransom demands and the labor-intensive nature of the decryption tool make it prominent among ransomware families.
The modular framework of this ransomware allows criminals to build custom versions for specific targets. Unlike common ransomware, which is systematically distributed via massive spam campaigns and exploit kits, Ryuk is used especially for tailored attacks.
Ryuk tends to hit high-value targets that can't afford major downtime, demanding hefty Bitcoin ransoms.
December 2018 brought a new version of this crypto virus, which caused the disruption in printing and delivery of major newspaper publications in the US.
Research reveals that the group behind Ryuk, known as Grim Spider, has already received nearly 400 Bitcoin, valued at more than $1,520,000, from victims in about 4 months. It's unclear if any of that ransom came from Tribune Publishing.
The malfunction in the publication's server was first noticed on Thursday night, i.e. 27th December 2018. It appeared to have spread throughout the publication's printing software systems by Saturday, crippling operations and obstructing page transmissions to Southern California printing presses.
The threat actors behind the attack haven't been identified, but the odds are good that it is someone whose motive was to spoil the reputation of the publication.
Though the outage caused by the attack is yet to be completely resolved, on-time deliveries of the newspapers resumed on Sunday. The FBI and Homeland Security officials are working with government and industry partners to better understand the situation.
Ransomware attacks have become widespread and are responsible for crippling systems. It is therefore important to undertake security measures to avoid unforeseen circumstances.